Re: Not showing folders to non-allowed users on mapped drives

"Rick" <Rick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2B67C3B4-1E8C-4AB0-818C-C543E06B20A7@xxxxxxxxxxxxxxxx
Process of converting from Netware over to AD so still bit new to the
whole
AD thing.

Was wondering if there is a way in AD, Group Policy or Windows that only
the
folders that users have permission to show up when you map a drive like
that
in Netware. In Netware only what folders a user has permission to, show up
on
a mapped drive

No. Browsing of shares is NOT individually controlable.

If the user can authenticate on the domain or server then they
can "see" the list of shares.

You can hide the shares from EVERYONE (browsing) by adding
a $-sign as the last character but this is not security, just hiding
of the shares.

I know you set the permissions so those folders can't be accessed but it
would be nice if the non-allowed folders didn't show up at all to users.
It
would avoid alot of user access questions. I don't want to get into
separate
mapping for every app since I have a few to deal with and alot of
confidential data as well

It's a reasonable request, it just doesn't work that way.

For example if I have an application folder that has a payroll & a
purchasing app. I have 2 groups, one for payroll, one for purchasing. I
set
permissions on each folder so that only the proper group has access. I map
the drive as G: in my logon script.

As long as YOU are mapping them through scripts or other
means then you CAN use the $-terminator to hide them from
browsing.

You can also turn of the server announcements for a particular
server if you don't need ANYONE to browse the shares of that
particular server.

Browsing predates security (Win 3.1, WFW, Win95 etc).

I want those in the payroll group just to see g:\ & g:\payroll, those in
the
purchasing group just to see g:\ & g:\purchasing and those in both groups
to
see g:\, G:\payroll & G:\purchasing

Sorry


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]


Hope this makes sense



.

Relevant Pages

  • Re: Network shares cannot connect
    ... User Name: SERVER$ ... Regarding the shares accessing problem, I suggest you try following steps ... let's focus on the Users Shared Folder first. ... To check this permission, please click the Advanced button, select ...
    (microsoft.public.windows.server.sbs)
  • Re: Single server enviornment migration to 2003
    ... (I lost connection my old way, ... I tried to use the file server Migration Toolkit. ... I copy and pasted the folders. ... I don't have permission to that folder. ...
    (microsoft.public.windows.server.migration)
  • RE: How to Grant Power Users rights to administrative shares.
    ... This is on windows server 2003. ... right click shares and select new file share ... The "Create A Shared Folder Wizard" opens click next. ... Please check the permission settings of the shared folders. ...
    (microsoft.public.windows.server.sbs)
  • Cant write to files stored on win2k3 shares
    ... Currently the shares are working with the NT ... Server but they'd like the shares to run from the win2k3 ... called "Shared Folders" that isn't shared and I haven't ... but were saved to a temporary document ...
    (microsoft.public.windows.file_system)
  • Re: Printing AD items
    ... There is no practical way to show which folders ... tools for NTFS file and directory permissions. ... The problem with shares is that there is no trivial ... you can list the shares with "net share" on each server. ...
    (microsoft.public.win2000.active_directory)